Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | net.resolvers.basic: Record hostname coming from secure SRV records | Kim Alvefur | 2022-12-22 | 1 | -0/+2 |
| | | | | Will be useful even later... | ||||
* | net.resolvers.service: Record DNSSEC security status of SRV records | Kim Alvefur | 2022-12-22 | 1 | -0/+3 |
| | | | | Will be useful later. | ||||
* | net.resolvers.service: Fix reporting of Bogus DNSSEC results | Kim Alvefur | 2022-12-21 | 1 | -3/+6 |
| | | | | | | | | | The order of checks led to Bogus results being reported with a generic "unable to resolve service". This had no practical effects as such results are simply empty and the process would stop there. Tested by attempting to establish s2s with dnssec-bogus.sg and observing the error reply. | ||||
* | Revert unintentionally committed parts of 12bd40b8e105 | Kim Alvefur | 2022-12-21 | 1 | -8/+3 |
| | |||||
* | mod_c2s,mod_s2s: Adapt to XEP-xxxx: Stream Limits Advertisement | Kim Alvefur | 2022-10-20 | 1 | -3/+8 |
| | | | | Thanks MattJ | ||||
* | net.resolvers.basic: Add opt-out argument for DNSSEC security status | Kim Alvefur | 2022-08-02 | 1 | -3/+5 |
| | | | | | | | This makes explicit which lookups can accept an unsigned response. Insecure (unsigned, as before DNSSEC) A and AAAA records can be used as security would come from TLS, but an insecure TLSA record is worthless. | ||||
* | compat: Remove handling of Lua 5.1 location of 'unpack' function | Kim Alvefur | 2022-07-11 | 1 | -1/+1 |
| | |||||
* | net.resolvers.basic: Fix incorrect field name (thanks CI) | Matthew Wild | 2022-03-18 | 1 | -1/+1 |
| | |||||
* | net.resolvers.basic: Indicate to callback if we have more targets available | Matthew Wild | 2022-03-18 | 1 | -1/+1 |
| | |||||
* | net.resolvers.basic: Alternate IP address family targets, per RFC 8305 | Matthew Wild | 2022-03-18 | 1 | -2/+10 |
| | |||||
* | net.resolvers.basic: Refactor to remove code duplication | Matthew Wild | 2022-03-18 | 1 | -80/+72 |
| | | | | ...and prepare for Happy Eyeballs | ||||
* | net.resolvers.service: Honour record 'weight' when picking SRV targets | Matthew Wild | 2022-03-17 | 1 | -13/+68 |
| | | | | #NotHappyEyeballs | ||||
* | net.resolvers.chain: A resolver for combining other resolvers | Kim Alvefur | 2022-01-21 | 1 | -0/+38 |
| | | | | Say if you wanted to try both _xmpp and _xmpps services | ||||
* | net.resolvers: Report DNSSEC validation errors instead of NoError | Kim Alvefur | 2021-12-28 | 2 | -3/+13 |
| | | | | Thanks Martin bringing this case to attention | ||||
* | net.resolvers: Report when hostname fails IDNA | Kim Alvefur | 2021-12-07 | 2 | -2/+2 |
| | | | | | Not a particularly user-friendly error message, but better than "unable to resolve service" and having no clue where it came from. | ||||
* | net.connect: Propagate last error message from resolvers | Kim Alvefur | 2021-11-12 | 2 | -3/+26 |
| | | | | | | | | Previously it would only say "unable to resolve server" for all DNS problems. While "NoError in A lookup" might not make much sense to users, it should help in debugging more than the previous generic error. Friendlier errors will be future work. | ||||
* | net.resolvers.service: Only do DANE with secure SRV records | Kim Alvefur | 2021-07-18 | 1 | -0/+4 |
| | | | | | | If this seems backwards, that' because it is but the API isn't really designed to easily pass along details from each resolution step onto the next. | ||||
* | Revert 926d53af9a7a: Restore DANE support | Kim Alvefur | 2021-07-18 | 1 | -4/+5 |
| | | | | | Previous commit adds a workaround, so this doesn't mutate global state anymore, only per-connection 'extra' state as originally intended. | ||||
* | net.resolvers.basic: Fix completion condition when IPv6 is disabled | Kim Alvefur | 2021-03-15 | 1 | -0/+2 |
| | | | | | | | | | | Fixes mistake introduced in 5a71f14ab77c that made it so this ready() newer got called and thus it would be stuck waiting for it. Looks like the kind of thing that could have been introduced by a merge or rebase. Thanks MattJ | ||||
* | net.resolvers.basic: Disable DANE for now, completely broken | Kim Alvefur | 2021-03-03 | 1 | -5/+4 |
| | | | | | Turns out 'extra' is, at least for mod_s2s, the same table for *all* connections. | ||||
* | net.resolvers.basic: Don't enable DANE with zero TLSA records | Kim Alvefur | 2021-03-03 | 1 | -1/+1 |
| | | | | Turns out it doesn't work with zero. | ||||
* | net.connect: Add DANE support | Kim Alvefur | 2021-03-02 | 1 | -1/+26 |
| | | | | | | Disabled DANE by default, since it needs extra steps to be useful. The built-in DNS stub resolver does not support DNSSEC so having DANE enabled by default only leads to an extra wasted DNS request. | ||||
* | Merge 0.11->trunk | Matthew Wild | 2020-07-10 | 1 | -1/+2 |
|\ | |||||
| * | net.resolvers.basic: Default conn_type to 'tcp' consistently if unspecified ↵ | Matthew Wild | 2020-07-10 | 1 | -1/+2 |
| | | | | | | | | | | | | (thanks marc0s) Fixes a traceback when passed an IP address with no conn_type. | ||||
* | | net.resolvers: Remove FIXMEs obsoleted by switch to libunbound | Kim Alvefur | 2020-06-25 | 2 | -5/+0 |
| | | |||||
* | | net.connect: Remove TODO about use_ipv4/6 done in 3bfb20be844c | Kim Alvefur | 2020-06-22 | 1 | -1/+0 |
| | | |||||
* | | net.resolvers.service: Fix resolving of targets with multiple IPs | Kim Alvefur | 2020-02-16 | 1 | -5/+8 |
| | | | | | | | | | | Each basic resolver was only used once and not kept around to try any IP addresses but the first one found. | ||||
* | | net.resolvers.basic: Fix continuing if IPv6 or Legacy IP is disabled | Kim Alvefur | 2020-01-26 | 1 | -0/+4 |
| | | | | | | | | | | The code expects ready() to be called twice, but with IPv4 or v6 disabled it would only be called once. | ||||
* | | net.resolvers.basic: Obey extra.use_ipv4/use_ipv6 | Matthew Wild | 2020-01-25 | 1 | -2/+2 |
| | | |||||
* | | net.resolvers.basic: Obey use_ipv4/use_ipv6 | Matthew Wild | 2020-01-25 | 1 | -14/+19 |
| | | |||||
* | | net.connect: Mention RFC 6724 regression | Kim Alvefur | 2019-12-07 | 1 | -0/+1 |
| | | | | | | | | | | Default Address Selection algorithm is not applied, resulting in a strong bias towards IPv4. | ||||
* | | net.connect: Add some TODOs and FIXMEs | Kim Alvefur | 2019-12-07 | 2 | -0/+7 |
| | | | | | | | | And mention issue numbers: #1246, #1428 and #1429 | ||||
* | | Merge 0.11->trunk | Kim Alvefur | 2019-11-24 | 1 | -0/+2 |
|\| | |||||
| * | net.resolvers.basic: Normalise IP literals, ensures net.server is happy | Kim Alvefur | 2019-11-24 | 1 | -0/+2 |
| | | |||||
* | | net.resolvers.service: Pass IP literals directly to basic resolver | Kim Alvefur | 2019-11-24 | 1 | -0/+9 |
| | | | | | | | | | | | | IP literals will not work with SRV records anyways. Fixes s2s with IP literals. | ||||
* | | Merge 0.11->trunk | Kim Alvefur | 2019-11-24 | 1 | -11/+17 |
|\| | |||||
| * | net.resolvers.basic: Fix resolution of IPv6 literals (in brackets) (fixes #1459) | Kim Alvefur | 2019-11-24 | 1 | -0/+3 |
| | | |||||
| * | net.resolvers.basic: Move IP literal check to constructor | Kim Alvefur | 2019-11-24 | 1 | -11/+14 |
| | | | | | | | | | | This is to prepare for fixing #1459. An IPv6 literal in [ ] brackets does not pass IDNA and resolving it fails there. | ||||
* | | Merge 0.11->trunk | Kim Alvefur | 2019-11-08 | 2 | -0/+2 |
|\| | |||||
| * | net.resolvers: Fix traceback from hostname failing IDNA | Kim Alvefur | 2019-11-08 | 2 | -0/+2 |
| | | | | | | | | Related to #1426 | ||||
* | | Merge 0.11->trunk | Kim Alvefur | 2019-11-02 | 2 | -2/+14 |
|\| | |||||
| * | net.resolvers: Abort on hostnames not passing IDNA validation | Kim Alvefur | 2019-11-02 | 2 | -0/+10 |
| | | | | | | | | | | | | Prevents error on trying to use nil. Needs better error reporting in the future. | ||||
| * | net.resolvers: Apply IDNA conversion to ascii for DNS lookups (fixes #1426) | Kim Alvefur | 2019-11-02 | 2 | -2/+4 |
| | | |||||
* | | net.resolvers.service: Fix DNS fallback | Kim Alvefur | 2019-08-17 | 1 | -1/+5 |
| | | |||||
* | | various: Don't rely on _G.unpack existing | Kim Alvefur | 2018-12-08 | 3 | -0/+3 |
|/ | |||||
* | net.resolvers.basic: Suffix IPv4 TCP socket types with '4' to match eg 'tcp6' | Kim Alvefur | 2018-10-12 | 1 | -2/+2 |
| | |||||
* | net.resolvers.service: Sort SRV records in correct direction | Kim Alvefur | 2018-09-30 | 1 | -1/+1 |
| | |||||
* | net.resolvers.service: Fix sorting SRV record | Kim Alvefur | 2018-09-30 | 1 | -1/+1 |
| | |||||
* | net.resolvers.service: Rename internal variable since net.connect uses it ↵ | Kim Alvefur | 2018-09-29 | 1 | -4/+4 |
| | | | | for __tostring | ||||
* | net.resolvers.service: Add support for fallback to bare domain and default port | Kim Alvefur | 2018-09-29 | 1 | -0/+3 |
| | | | | The default port must be configured separately to enable this behavior |